package com.cj.shiro.controller;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.security.auth.Subject;

@RestController
@RequestMapping("/contens")
public class ContentContoller {

    @RequestMapping(value = "/read")
    @RequiresPermissions("admin:read")
    public String read(){
        PrincipalCollection principals =
                SecurityUtils.getSubject().getPrincipals();
        return "content";
    }

    @RequestMapping(value = "/user/read")
    @RequiresPermissions("user:read")
    public String userRead(){
        return "content";
    }
}
